首页>
外国专利>
METHODS, SYSTEMS, AND MEDIA FOR MASQUERADE ATTACK DETECTION BY MONITORING COMPUTER USER BEHAVIOR
METHODS, SYSTEMS, AND MEDIA FOR MASQUERADE ATTACK DETECTION BY MONITORING COMPUTER USER BEHAVIOR
展开▼
机译:通过监视计算机用户行为来进行恶意攻击检测的方法,系统和媒体
展开▼
页面导航
摘要
著录项
相似文献
摘要
Methods, systems, and media for masquerade attack detection by monitoring computer user behavior are provided. In accordance with some embodiments, a method for detecting masquerade attacks is provided, the method comprising: monitoring, using a hardware processor, a first plurality of user actions in a computing environment; generating a user intent model based on the first plurality of user actions; monitoring a second plurality of user actions in the computing environment; determining whether at least one of the second plurality of user actions deviates from the generated user intent model; determining whether the second plurality of user actions include performing an action on a file in the computing environment that contains decoy information in response to determining that at least one of the second plurality of user actions deviates from the generated user intent model; and generating an alert in response to determining that the second plurality of user actions include performing an action on a file in the computing environment that contains decoy information.
展开▼